Privacy policy

This page explains how the website works and is managed in relation to processing the personal data of users who visit it and use its services.

The policy is provided in accordance with Articles 13 et seq. of Regulation (EU) 679/2016 for those who interact with the online services of Castel S.r.l., that are accessible electronically at the address,  that corresponds to the home page of the Company’s website.
The policy is only provided for the Castel S.r.l. website, and not for other websites that may be visited via links for which the Company assumes no responsibility.

The policy is based on Recommendation No 2/2001, that European Data Protection Authorities, in the Group established by Article 29, Directive No 95/46/CE, adopted on 17 May 2001 to identify the minimum requirements for online personal data collection, and, in particular, the methods, time frames, and nature of the information that the data controllers are required to provide to users when they connect to the webpage, regardless of the purposes of their visit.

Terms and conditions of use
The site intends to provide visitors with information and services.

The user acknowledges that using the site and what it offers is subject to accepting the terms and conditions set out in the following.

Intellectual property
All rights to the content (e.g. texts, images, site architecture) are reserved in accordance with the regulations in force. The contents on site’s pages cannot, neither completely nor partially, be copied, reproduced, moved, downloaded, published or distributed in any way without prior written consent from Castel S.r.l., except when it is stored on the user’s computer or excerpts from this site’s pages are printed off solely for personal use.
Any type of link found on this site that is included by third parties must not damage Castel S.r.l.’s image or activities. What is known as deep linking, namely the non-transparent use of parts of this site on third-party sites, is prohibited.
Any failure to observe these provisions, unless given express written permission, will be prosecuted in the competent civil and criminal courts of law.

Limits of liability
Castel S.r.l., cannot be held liable in any way for damages of any kind caused directly or indirectly by accessing the site, nor by an inability to access it.

Castel S.r.l. reserves the right to modify the site’s content and this page at any time, without prior notice.

The presence of links to external websites on this site also does not imply Castel S.r.l.’s approval or shared responsibility in any form regarding the completeness and correctness of information found on the sites specified.

The Data controller
After visiting this site, data relating to the identified or identifiable persons can be processed. The data controller is Castel S.r.l., 2-4 Via Provinciale – Pessano Con Bornago (MI). The controller processes data according to the principles of correctness, lawfulness, transparency and protecting users’ confidentiality and rights.

Data processing location and principles
The processing related to this site’s web services are carried out at the headquarters of Castel S.r.l., and is handled solely by the internal personnel responsible for processing, or by others responsible for occasional maintenance operations.
The data collected during the site’s use is processed, solely by authorised individuals, with automated and non-automated tools, and for the time necessary to meet the goals of why it has been collected (detailed information on the site provides further detail on the retention times for collected data).
In order to prevent a loss of data, as well as its illicit or improper use, appropriate security measures are implemented, that are designed to ensure confidentiality and avoid undue access by third parties or unauthorised personnel, in compliance with obligations laid down by the law.

Types of processed data

Anonymous browsing data
The IT systems and software procedures for the functioning of this website obtain, during their normal operation, some personal data, the transmission of which is implied in the use of Internet communication protocols.
This is information that is not collected to be linked to identified parties concerned, but that by its very nature could, through processing and links with data held by third parties, allow for users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users that connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computing device.
This data is used solely to obtain anonymous statistical information on the site’s use and to check that it is functioning correctly. The data could also be used to establish liability in the event of hypothetical computer-related crimes committed against the site.

Data voluntarily provided by the user
The optional, express and voluntary sending of e-mails to the addresses found on this website results in the sender’s address being subsequently obtained, as well as any other personal data included in the correspondence, required in order to respond to requests.

Likewise, express and voluntary sending of messages using the contact forms found on this website results in the sender’s address being subsequently obtained, as well as any other personal data included in the form, required in order to respond to requests.

A cookie is a small data file that is sent to the user’s computer when they visit a website for the first time. The file contains elements that can uniquely identify the user’s computer.
Further information on the use of cookies on this site can be found by clicking here.

Data subject rights
In order to have full clarity concerning the specific processing; and, particularly, to be able to delete, anonymise and block data processed in breach of the law; to request an update, correction or integration; to object to the data’s use; to acquire the updated list of data processors; and to exercise the other rights provided for in Article 15 et seq. of Regulation (EU) No 679/2016 (GDPR), users may write to the following address:
Concerning the right to stop any information about products, services and sales promotions from being sent, a specific option allowing the recipient to easily unsubscribe from the mailing list is found in every piece of correspondence. If the user considers there to be a breach of their rights, they can lodge a complaint with the competent supervisory authority pursuant to Article 77 of the GDPR, without ruling out the possibility of filing a complaint directly to the judicial authority.